[HOW TO] Set the umask for a user with a /sbin/nologin shell

Last week, I worked on a case: "change umask for SFTP/SSH user".

At that time, I simply thought that it was just umask, so I added umask to ~/.bashrc and ~/.bash_profile.

But nothing changed. That meant I needed to think it through logically.

User login -> ssh -> pam.d/ssh -> /etc/profile (~/.bash_profile)

Why?
A few seconds later, I saw that the SSH/SFTP user's shell is /sbin/nologin, so it is not affected by ~/.bash_profile or by /etc/profile.

So I needed to add the umask at the "ssh" step of the flow:
User login -> ssh -> pam.d/ssh -> /etc/profile (~/.bash_profile)

I went to /etc/ssh/sshd_config:
# override default of no subsystems
#Subsystem      sftp    /usr/libexec/openssh/sftp-server
Subsystem       sftp internal-sftp
GatewayPorts no

Add the "-u 0022" umask option as below:
# override default of no subsystems
#Subsystem      sftp    /usr/libexec/openssh/sftp-server
Subsystem       sftp internal-sftp -u 0022
GatewayPorts no

After that, I logged in again and created a file, and I saw that the file's umask is 0022.
That's cool!
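
To check the setting without logging in, the following added example (not part of the original post) reads the active "Subsystem sftp" line and shows which permission bits a given umask leaves on new files and directories. The function names, the sample configs and the requested modes 666 and 777 are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: audit the SFTP umask configured in sshd_config.

# sftp_umask [FILE]: print the -u value on the active "Subsystem sftp" line,
# "default" if that line has no -u, or "none" if no such line exists.
sftp_umask() {
    awk '
        $1 ~ /^#/ { next }          # commented-out lines are not active
        tolower($1) == "subsystem" && $2 == "sftp" {
            mask = "default"
            for (i = 4; i < NF; i++)        # options follow the command in $3
                if ($i == "-u") mask = $(i + 1)
            print mask; found = 1; exit
        }
        END { if (!found) print "none" }
    ' "$@"
}

# upload_mode MASK REQUESTED: octal permissions left once the umask has
# cleared its bits from the mode the client requested.
upload_mode() {
    printf '%03o\n' "$(( 0$2 & ~0$1 & 0777 ))"
}

# Constructed samples: the config before and after the change shown above.
BEFORE='# override default of no subsystems
#Subsystem      sftp    /usr/libexec/openssh/sftp-server
Subsystem       sftp internal-sftp
GatewayPorts no'
AFTER='# override default of no subsystems
#Subsystem      sftp    /usr/libexec/openssh/sftp-server
Subsystem       sftp internal-sftp -u 0022
GatewayPorts no'

report() {  # report LABEL CONFIG_TEXT
    mask=$(printf '%s\n' "$2" | sftp_umask)
    case $mask in
        default|none) echo "$1: no explicit SFTP umask ($mask)" ;;
        *) echo "$1: umask $mask -> files $(upload_mode "$mask" 666)," \
                "dirs $(upload_mode "$mask" 777)" ;;
    esac
}
report before "$BEFORE"
report after  "$AFTER"
```

On a real host, run `sftp_umask /etc/ssh/sshd_config` and restart sshd after editing the file so new sessions pick up the change.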

Tiến Phan - R0039

Knowledge is Endless

Sharing for Success
